Siemens » Ruggedcom Rox I : Security Vulnerabilities, CVEs,

CVE-2017-6864

The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks.
Max CVSS
5.4
EPSS Score
0.10%
Published
2017-03-29
Updated
2017-07-12

CVE-2017-2689

Siemens RUGGEDCOM ROX I (all versions) allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings.
Max CVSS
8.8
EPSS Score
0.30%
Published
2017-03-29
Updated
2019-10-03

CVE-2017-2688

The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a malicious website, aka CSRF.
Max CVSS
8.8
EPSS Score
0.13%
Published
2017-03-29
Updated
2017-07-12

CVE-2017-2687

Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link.
Max CVSS
6.1
EPSS Score
0.16%
Published
2017-03-29
Updated
2017-07-12

CVE-2017-2686

Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability that could allow an authenticated user to read arbitrary files through the web interface at port 10000/TCP and access sensitive information.
Max CVSS
6.5
EPSS Score
0.12%
Published
2017-03-29
Updated
2017-07-12
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close